ITSY 1300 Test review Questions with 100%
Correct Answers
true
In security testing data collection, observation is the input used to differentiate between paper
procedures and the way the job is really done.
SOC 3
Emily is the information security director for a large company that handles sensitive personal
information. She is hiring an auditor to conduct an assessment demonstrating that her firm is
satisfying requirements regarding customer private data. What type of assessment should she
request?
false
The four main types of logs that you need to keep to support security auditing include event,
access, user, and security.
report writing
Which activity is an auditor least likely to conduct during the information-gathering phase of an
audit?
true
An auditing benchmark is the standard by which a system is compared to determine whether it is
securely configured.
Details on major issues
What information should an auditor share with the client during an exit interview?
IT Infrastructure Library
What is a set of concepts and policies for managing IT infrastructure, development, and
operations?
false
Committee of Sponsoring Organizations (COSO) is a set of best practices for IT management.
audit
Ricky is reviewing security logs to independently assess security controls. Which security review
process is Ricky engaging in?
Signature detection
Which intrusion detection system strategy relies upon pattern matching?
false
An SOC 1 report primarily focuses on security.
Secure Sockets Layer (SSL)
Gina is preparing to monitor network activity using packet sniffing. Which technology is most
likely to interfere with this effort if used on the network?
false
Regarding log monitoring, false negatives are alerts that seem malicious but are not real security
events.
true
In security testing, reconnaissance involves reviewing a system to learn as much as possible
about the organization, its systems, and its networks.
false
A report indicating that a system's disk is 80 percent full is a good indication that something is
wrong with that system.
true
Data loss prevention (DLP) uses business rules to classify sensitive information to prevent
unauthorized end users from sharing it.
true
Anomaly-based intrusion detection systems compare current activity with stored profiles of
normal (expected) activity.
prudent
Christopher is designing a security policy for his organization. He would like to use an approach
that allows a reasonable list of activities but does not allow other activities. Which permission
level is he planning to use?
False positive error
Anthony is responsible for tuning his organization's intrusion detection system. He notices that
the system reports an intrusion alert each time that an administrator connects to a server using
Secure Shell (SSH). What type of error is occurring?
true
An SOC 1 report is commonly implemented for organizations that must comply with Sarbanes-
Oxley (SOX) or the Gramm-Leach-Bliley Act (GLBA).
System Configuration
What is NOT generally a section in an audit report?
Checklist
Which audit data collection method helps ensure that the information-gathering process covers
all relevant areas?
true
SOC 2 reports are created for internal and other authorized stakeholders and are commonly
implemented for service providers, hosted data centers, and managed cloud computing providers.
false
Regarding security controls, the four most common permission levels are poor, permissive,
prudent, and paranoid.
Resumes of system administrators
Which item is an auditor least likely to review during a system controls audit?
true
Regarding an intrusion detection system (IDS), stateful matching looks for specific sequences
appearing across several packets in a traffic stream rather than just in individual packets.